[Stackexchange gave me a Tumbleweed award when I raised this item for a posting that was ignored by everyone, but this issue is still important enough to me to raise a patch].
A minor defect in the Event Confirmation email template inserts a <script> reference to a Google APIs resource which can appear to email scanning services as a security violation. In particular, if you route the Confirmation back to CiviCRM (via the Email Activity Processor), the email will not be imported because IDS detection doesn't like the use of remote scripts.
The default Event Confirmation template uses the SocialNetworks.tpl to add social buttons to the confirmation email. SocialNetworks.tpl is shared with webpages. The Google API is only required by the webpages, not the emails. So the fix is simply to move the <script> reference into an IF statement that only applies if SocialNetworks is being used on a webpage.